Encryption Books - Page 6

The Ultimate Security+ Certification Exam Cram 2 Study Kit (Exam SYO-101) (Exam Cram 2)

Que Certification

Amazon Price: $25.74 List Price: $39.00 Usually ships in 24 hours By: Que Amazon Marketplace: 34 new & used starting at $24.08

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Business & Investing -> Reference -> Education

Customer Reviews:
Total reviews: 12 Average rating: 4.0 of 5

Editorial Review:

This bundle is the perfect study tool for those taking the popular Security+ exam. You will find the Ultimate Security+ Exam Cram 2 Study Kit is a must-have resource to give you everything you need to pass the exam.

The Security+ Exam Cram 2 book:

• Maps exactly to the exam objectives, helping you quickly and easily assess your mastery of the material.
• Undergoes a stringent review process that includes scrutiny by nearly a dozen industry experts - including Series Editor Ed Tittel, the creator of the Exam Cram series -- who ensure the book presents the most complete, up-to-date, technically accurate, and well-organized material available.
• Includes test-taking strategies and time-saving tips, helping improve your success by explaining the how and why of the exams in addition to the what on the exams.

The Security+ Certification Practice Questions Exam Cram 2 book:

• Includes more than 500 practice questions organized according to each exam objective.
• Questions include detailed answers and the exclusive Quick Answer Study System -- which helps readers find answers quickly and easily.
• CD features all 500+ practice questions from the book.

Snort Intrusion Detection and Prevention Toolkit (Jay Beale's Open Source Security)

Brian Caswell; Jay Beale; Andrew R Baker

Amazon Price: $32.97 List Price: $49.95 Usually ships in 24 hours By: Syngress Publishing Amazon Marketplace: 29 new & used starting at $27.68

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General

Customer Reviews:
Total reviews: 4 Average rating: 4.5 of 5

Editorial Review:

This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills.

The book begins with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed.

Next, a detailed chapter on configuring Snort highlights various methods for fine tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD.

The last part of the book contains several chapters on active response, intrusion prevention, and using Snort's most advanced capabilities for everything from forensics and incident handling to building and analyzing honey pots. Data from real world attacks will be presented throughout this part as well as on the accompanying CD.

SSL and TLS: Designing and Building Secure Systems

Eric Rescorla

Amazon Price: $40.45 List Price: $49.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 43 new & used starting at $6.99

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 20 Average rating: 4.5 of 5

Editorial Review:

Secure Sockets Layer (SSL) is used in virtually every commercial web browser and server. In this book, one of the world's leading network security experts explains how SSL works -- and gives implementers step-by-step guidance and proven design patterns for building secure systems with SSL. Eric Rescorla also provides the first in-depth introduction to Transport Layer Security (TLS), the highly anticipated, maximum-security successor to SSL. Rescorla starts by introducing SSL's fundamentals: how it works, and the threats it is intended to address. One step at a time, he addresses each key SSL concept and technique, including cryptography, SSL performance optimization, designing and coding, and how to work around SSL's limitations. Rescorla demonstrates TLS at work in SMTP-based Internet security applications. The book includes detailed examples of SSL/TLS implementations, with in-depth insight into the key design choices that informed them. For all network and security designers, enterprise developers, system implementers, and suppliers of Internet security products and services.

Kerberos: The Definitive Guide

Jason Garman

Amazon Price: $23.07 List Price: $34.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 54 new & used starting at $7.06

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Microsoft -> Networking
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General AAS

Customer Reviews:
Total reviews: 6 Average rating: 4.0 of 5

Editorial Review:

Single sign-on is the holy grail of network administration, and Kerberos is the only game in town. Microsoft, by integrating Kerberos into Active Directory in Windows 2000 and 2003, has extended the reach of Kerberos to all networks large or small. Kerberos makes your network more secure and more convenient for users by providing a single authentication system that works across the entire network. One username; one password; one login is all you need. Fortunately, help for administrators is on the way. Kerberos: The Definitive Guide shows you how to implement Kerberos for secure authentication. In addition to covering the basic principles behind cryptographic authentication, it covers everything from basic installation to advanced topics like cross-realm authentication, defending against attacks on Kerberos, and troubleshooting. In addition to covering Microsoft's Active Directory implementation, Kerberos: The Definitive Guide covers both major implementations of Kerberos for Unix and Linux: MIT and Heimdal. It shows you how to set up Mac OS X as a Kerberos client. The book also covers both versions of the Kerberos protocol that are still in use: Kerberos 4 (now obsolete) and Kerberos 5, paying special attention to the integration between the different protocols, and between Unix and Windows implementations. If you've been avoiding Kerberos because it's confusing and poorly documented, it's time to get on board! This book shows you how to put Kerberos authentication to work on your Windows and Unix systems.

Security Warrior

Cyrus Peikari, Anton Chuvakin

Amazon Price: $29.67 List Price: $44.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 42 new & used starting at $15.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 27 Average rating: 4.5 of 5

Editorial Review:

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.

What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments

Douglas J. Landoll

Amazon Price: $63.96 List Price: $79.95 Usually ships in 24 hours By: CRC Amazon Marketplace: 28 new & used starting at $56.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> MIS
Subjects -> Computers & Internet -> Business & Culture -> Manager's Guides to Computing
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 4 Average rating: 5.0 of 5

Editorial Review:

The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments provides detailed insight into precisely how to conduct an information security risk assessment. Designed for security professionals and their customers who want a more in-depth understanding of the risk assessment process, this volume contains real-world advice that promotes professional development. It also enables security consumers to better negotiate the scope and rigor of a security assessment, effectively interface with a security assessment team, deliver insightful comments on a draft report, and have a greater understanding of final report recommendations. This book can save time and money by eliminating guesswork as to what assessment steps to perform, and how to perform them. In addition, the book offers charts, checklists, examples, and templates that speed up data gathering, analysis, and document development. By improving the efficiency of the assessment process, security consultants can deliver a higher-quality service with a larger profit margin. The text allows consumers to intelligently solicit and review proposals, positioning them to request affordable security risk assessments from quality vendors that meet the needs of their organizations.

Cryptography for Dummies

Chey Cobb

Amazon Price: $22.49 List Price: $24.99 Usually ships in 7 to 11 days By: For Dummies Amazon Marketplace: 40 new & used starting at $10.17

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Networking -> General AAS

Customer Reviews:
Total reviews: 10 Average rating: 3.5 of 5

Pretty Good Intro to Cryptography 4 out of 5 stars.
12 of 14 people found this review helpful.

I've stumbled across cryptography for about the past year, so recently I decided to go ahead and learn some basics (as I think the subject and InfoSec is really interesting). Most cryptography books out there are for the advanced and are mathematically rigorous. While I gladly welcome math, I needed an overview to bring me up to speed, prepping me for more intermediate (and eventually advanced) texts later.

I've never read a Dummies book dealing with computer technology before, because although they're written for absolute novices, the low-level writing style irritates me, usually takes too long to get to the "interesting stuff", and the "yippity-skippity!" attitude will eventually make me go seek a more advanced text. Basically, Dummies books "hold your hand", and if this is what you need, they're great! But if not, they can be rather slow for you (as for me).

However, Cryptography for Dummies is pretty good, aside from a few misses. By this being a Dummies book, the impression of this text being for complete neophytes is false - if you don't have any experience with basic computer science topics (e.g. binary, binary-to-decimal conversions, bits/bytes/words, etc.), the first couple chapters may be a little hard to understand, as the author assumes you at least know that stuff.

Aside from that, the author does a good job explaining the basic topics one needs to understand cryptography and its inner-workings. However, the author's writing style leaves much to be desired at times. At points, I found myself scratching my head, re-reading passages several times, trying to figure out what the author meant. At times when he should explain the nuances of something, he doesn't, leaving you to go, "HUH?" (A good example of this are the early parts where he talks about keys but doesn't explain what a key is or how they interact with other parts of a cryptographic system.)

There are other sections where the author leaves entire descriptions of things out, where you'll have to figure it out for yourself. Perhaps this is purposeful, so he won't get too far into the topic, as this book is basically an overview. Something else I noticed too is the vast amount of errors the book has! I'm not sure if Dummies has an 'Errata' section on its site.

While this book is by no means a complete text (probably not even a 1/3-complete text), overall, it's good for those who want an overview of the subject, and plan on venturing further, as I do.

Editorial Review:

• Cryptography is the most effective way to achieve data security and is essential to e-commerce activities such as online shopping, stock trading, and banking
• This invaluable introduction to the basics of encryption covers everything from the terminology used in the field to specific technologies to the pros and cons of different implementations
• Discusses specific technologies that incorporate cryptography in their design, such as authentication methods, wireless encryption, e-commerce, and smart cards
• Based entirely on real-world issues and situations, the material provides instructions for already available technologies that readers can put to work immediately
• Expert author Chey Cobb is retired from the NRO, where she held a Top Secret security clearance, instructed employees of the CIA and NSA on computer security and helped develop the computer security policies used by all U.S. intelligence agencies

The Tao of Network Security Monitoring: Beyond Intrusion Detection

Richard Bejtlich

Amazon Price: $40.94 List Price: $64.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 51 new & used starting at $29.95

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 20 Average rating: 5.0 of 5

Editorial Review:

"The book you are about to read will arm you with the knowledge you need to defend your network from attackers--both the obvious and the not so obvious...If you are new to network security, don't put this book back on the shelf! This is a great book for beginners and I wish I had access to it many years ago. If you've learned the basics of TCP/IP protocols and run an open source or commercial IDS, you may be asking 'What's next?' If so, this book is for you." --Ron Gula, founder and CTO, Tenable Network Security, from the Foreword "Richard Bejtlich has a good perspective on Internet security--one that is orderly and practical at the same time. He keeps readers grounded and addresses the fundamentals in an accessible way." --Marcus Ranum, TruSecure "This book is not about security or network monitoring: It's about both, and in reality these are two aspects of the same problem. You can easily find people who are security experts or network monitors, but this book explains how to master both topics." --Luca Deri, ntop.org "This book will enable security professionals of all skill sets to improve their understanding of what it takes to set up, maintain, and utilize a successful network intrusion detection strategy. " --Kirby Kuehl, Cisco Systems Every network can be compromised. There are too many systems, offering too many services, running too many flawed applications. No amount of careful coding, patch management, or access control can keep out every attacker. If prevention eventually fails, how do you prepare for the intrusions that will eventually happen? Network security monitoring (NSM) equips security staff to deal with the inevitable consequences of too few resources and too many responsibilities. NSM collects the data needed to generate better assessment, detection, and response processes--resulting in decreased impact from unauthorized activities. In The Tao of Network Security Monitoring, Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents. Inside, you will find in-depth information on the following areas. *The NSM operational framework and deployment considerations.* How to use a variety of open-source tools--including Sguil, Argus, and Ethereal--to mine network traffic for full content, session, statistical, and alert data. *Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture. *Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM. *The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance. Whether you are new to network intrusion detection and incident response, or a computer-security veteran, this book will enable you to quickly develop and apply the skills needed to detect, prevent, and respond to new and emerging threats.

Security Monitoring with Cisco Security MARS (Networking Technology: Security)

Gary Halleen, Greg Kellogg

Amazon Price: $48.00 List Price: $60.00 Usually ships in 24 hours By: Cisco Press Amazon Marketplace: 41 new & used starting at $43.72

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 4 Average rating: 4.0 of 5

Editorial Review:

Security Monitoring with Cisco Security MARS

 

Threat mitigation system deployment

 

Gary Halleen

Greg Kellogg

 

Networks and hosts are probed hundreds or thousands of times a day in an attempt to discover vulnerabilities. An even greater number of automated attacks from worms and viruses stress the same devices. The sheer volume of log messages or events generated by these attacks and probes, combined with the complexity of an analyst needing to use multiple monitoring tools, often makes it impossible to adequately investigate what is happening.

 

Cisco® Security Monitoring, Analysis, and Response System (MARS) is a next-generation Security Threat Mitigation system (STM). Cisco Security MARS receives raw network and security data and performs correlation and investigation of host and network information to provide you with actionable intelligence. This easy-to-use family of threat mitigation appliances enables you to centralize, detect, mitigate, and report on priority threats by leveraging the network and security devices already deployed in a network, even if the devices are from multiple vendors.

 

Security Monitoring with Cisco Security MARS helps you plan a MARS deployment and learn the installation and administration tasks you can expect to face. Additionally, this book teaches you how to use the advanced features of the product, such as the custom parser, Network Admission Control (NAC), and global controller operations. Through the use of real-world deployment examples, this book leads you through all the steps necessary for proper design and sizing, installation and troubleshooting, forensic analysis of security events, report creation and archiving, and integration of the appliance with Cisco and third-party vulnerability assessment tools.

 

“In many modern enterprise networks, Security Information Management tools are crucial in helping to manage, analyze, and correlate a mountain of event data. Greg Kellogg and Gary Halleen have distilled an immense amount of extremely valuable knowledge in these pages. By relying on the wisdom of Kellogg and Halleen embedded in this book, you will vastly improve your MARS deployment.”

—Ed Skoudis, Vice President of Security Strategy, Predictive Systems

 

Gary Halleen is a security consulting systems engineer with Cisco. He has in-depth knowledge of security systems as well as remote-access and routing/switching technology. Gary is a CISSP and ISSAP. His diligence was responsible for the first successful computer crimes conviction in the state of Oregon. Gary is a regular speaker at security events and presents at Cisco Networkers conferences.

 

Greg Kellogg is the vice president of security solutions for Calence, LLC. He is responsible for managing the company’s overall security strategy. Greg has more than 15 years of networking industry experience, including serving as a senior security business consultant for the Cisco Enterprise Channel organization. Additionally, Greg worked for Protego Networks, Inc. (where MARS was originally developed). There he was responsible for developing channel partner programs and helped solution providers increase their security revenue.

 

Learn the differences between various log aggregation and correlation systems

• Examine regulatory and industry requirements
• Evaluate various deployment scenarios
• Properly size your deployment
• Protect the Cisco Security MARS appliance from attack
• Generate reports, archive data, and implement disaster recovery plans
• Investigate incidents when Cisco Security MARS detects an attack
• Troubleshoot Cisco Security MARS operation
• Integrate Cisco Security MARS with Cisco Security Manager, NAC, and third-party devices
• Manage groups of MARS controllers with global controller operations

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Cisco Press—Security

Covers: Security Threat Mitigation